[Samba] "00002020: Operation unavailable without authentication" using python-ldap

[Andrew Bartlett]

On Sun, 2019-04-07 at 19:16 +0100, Rowland Penny via samba wrote:
> On Sun, 7 Apr 2019 13:45:11 -0400
> Jonathon Reinhart <jonathon.reinhart at gmail.com> wrote:
> 
> > Interesting, I'm getting the same error using the LDB tools:
> > 
> > ONTHEFIVE\jreinhart-admin at samba-dc3:~$ samba-tool user list -H
> > ldap://localhost
> 
> Does the DC use itself as its first nameserver in /etc/resolv.conf ?
> if it does, it should work without authentication:

Over LDAP it won't ever be without authentication.  When run as root
some samba-tool commands pick up the system's own machine account
password, but at a protocol level all operation on LDAP, aside from
reading the rootDSE, are required to be authenticated.

I hope this clarifies things.

Andrew Bartlett

-- 
Andrew Bartlett                       http://samba.org/~abartlet/
Authentication Developer, Samba Team  http://samba.org
Samba Developer, Catalyst IT          http://catalyst.net.nz/services/samba